Louise Halil
Legal and ethical issues in relation to
the use of business information in
my chosen organization.
By Louise Halil

Louise Halil
Introduction: In this assignment I will be explaining the legal and ethical issues in relation to the use of
business information in my chosen organisation.
Data Protection Act 1998:
Topshop as well as other businesses store and use information about
people. The Data protection act protects the information held about
people from being misused. Information that Topshop store on databases
must be





 Obtained fairly and lawfully
 Accurate and up to date
Processed in line with your rights
Not kept for longer than necessary
Used only for the purpose stated during collection

Under English law it is vital that all businesses that process personal data are registered with the
Information Commissioner and comply with the Data Protection Act. If they fail to do so, then the
Information Commissioner does have the power and authority to impose fines of up to £500,000 for
serious breaches of the DPA.
An example of Data protection act breached by topshop was topshop losing a high court battle against
the pop star Rihanna in a ruling that cost the chain millions. The American singer, acting under her real
name Robyn Rihanna Fenty, sued Topshop's parent company Arcadia for $5m (£3.3m) over the use of
her image on a T-shirt last year.
Another example in April 2011 Sony has been hit with a £250k fine after the Information Commissioners
Office found the Japanese giant guilty of allowing a ‘serious breach’ of the Data Protection Act for failing
to use up to date security software on its PlayStation Network. This allowed hackers to break into its
online store, exposing a raft of personal information such as names, addresses, dates of birth and credit
card information to criminals.
http://www.thedrum.com/news/2013/01/24/sony-fined-250k-overserious-data-protection-act-breach
Computer Misuse Act:
The Computer Misuse Act 1990 (CMA) is an act of the UK Parliament
passed in 1990 designed to frame legislation and controls over
computer crime and Internet fraud.



unauthorised access to computer material, punishable by 6
months' imprisonment or a fine
unauthorised access with intent to commit or facilitate
commission of further offences, punishable by 6
months/maximum fine

Louise Halil


unauthorised modification of computer material, subject to the same sentences as section 2

An example of a computer misuse act being breached:
James Marks and James McCormick breached the UK's Computer Misuse Act when they hacked into
Sony Music's servers and stole unreleased music recorded by Michael Jackson.
Marks, 27, hacked into Sony's servers from his home computer in Daventry, whilst McCormick, 26,
hacked into the company's systems from his home in Blackpool.
The men pled guilty to "two counts of unauthorised access to computer material", according to the
Crown Prosecution Service.
Leicester Crown Court sentenced the men to six months imprisonment, suspended for one year, and
ordered them to undertake 100 hours of unpaid work in the community, the Serious Organised Crime
Agency (SOCA) said : ‘Under the Computer Misuse Act it is an offence for a person to knowingly cause "a
computer to perform any function with intent to secure access to any program or data held in any
computer, or to enable any such access to be secured" without authorisation.
http://www.out-law.com/en/articles/2013/january/sony-music-hackers-given-suspended-prisonsentence/
Freedom of Information Act 2000
The Freedom of Information Act
2000 is an act of defining the ways
in which the public may obtain
access to government-held
information. The intent is to allow
private individuals and
corporations reasonable access to
information while minimizing the
risk of harm to any entity.


The Freedom of Information Act 2000 (FOIA) gives a general right of public access to all types of
'recorded' information held by public authorities, sets out exemptions from that general right,
and places a number of obligations on public authorities.

The Ministry of Defence (MoD) has broken freedom of information law by delaying a response on the
safety of nuclear weapons, according to a new ruling from the UK information tsar.
The Ministry of defence has been abused by the Information Commissioner, Christopher Graham, for
taking more than five months to reply to a request for six reports on nuclear weapons safety. Graham
has ruled that even in complex cases responses should always be made with 40 working days. The MoD,
he said, had breached section 17(3) of the Freedom of Information Act 2000 “by failing to provide the
complainant with its public interest determination within such time as is reasonable”.

Louise Halil
http://www.robedwards.com/2010/02/mod-in-breach-of-information-law-on-nuclear-weapons.html
Ethical issues
Ethnical issues are code of practice which exists in organizations to maintain business ethics. A few
examples of ethical issues are:






Whistle blowing- this is when a person from an organisation raises a concern about any lies or
illegal activity (fraud, theft) that is going on within the organisation they are working in for e.g.
The recent case involving Edward Snowden who realized classified material on top-secret NSA
programs including PRISM surveillance program.
Internet-Organisations supplies the internet and expects it to be used effectively and only for
work use, on the other hand in some cases employees fail to do that. e.g. in the BBC case when
an employee used the internet for unnecessary use, he was caught on camera and immediately
fired.
Use of email- The use of email shows a typical example of a company’s code of practice. There
are certain regulations that each employee must adhere too. Email in a work place should be
used for work purposes only and not personal use such as social network sites. Also email
should not be used to communicate through large documents which are sent on to large
numbers of people.

Organisational policies and code of practice
Organisational policies are rules that are made by the head of
the organisation and should be followed and understood by
all the employees that are part of the organisation,
additionally a code of practice is a set of guidelines and
regulations to be followed by each person who plays a role in
a specific organisation.
When Topshop are in the process of hiring staff, whether it’s one member or ten it is critical that the
employee explains topshops policies and code of conduct. Once the employees have understood the
terms of topshops policies and code of practice and agree to understanding these terms, the soon to be
employees sign a documentation to show that they agree and understand.
Topshop supply the internet for members of staff to communicate by email for members of staff to
communicate concerning shifts and general employee queries, the employees can also use the internet
to search which items are in stock quickly giving better customer service.
When any of the above terms and conditions are breached within Topshop for example whistle blowing,
use of email or the internet being misused the key employers, for instance chief executives and
managers within Topshop will immediately take action and investigate into the matter. Employees who
are seen as responsible for the incident could be suspended from work or at the harshest circumstance

Louise Halil
fired from Topshop. The Topshop website shows that only certain information of the customers is
shared with others, for example credit card processing, shipping name and address verification. Topshop
states â&#x20AC;&#x2DC; However, we will not pass your information on to any other Arcadia Group companies or other
third parties for marketing purposes unless you have agreed for us to do so.â&#x20AC;&#x2122; This reinforces the data
protection act.
Lastly in this assignment I have come to the conclusion that in any organisation as well as Topshop, legal
acts, ethical issues and codes of practice are very vital and take a big role in an organisation for e.g. they
can keep the organization from deteriorating, furthermore every organisation needs to follow these
legal acts, ethical issues and the code of practice procedures as if they donâ&#x20AC;&#x2122;t then it could cost them
their organisation and the safety of others in a workplace.